A joint statement said the scammers randomly used credit and debit card data to pay for goods and services from businesses registered overseas. These transactions did not require one-time password (OTP) verification.
“Since the beginning of October, the data of 10,700 credit and debit cards had been stolen to make such transactions, though mostly debit cards were used over the past weekend,” the statement said. “Frequent transactions were made using small amounts.”
BOT and TBA have launched the following guidelines to deal with such scams:
• The bank will freeze the card and contact account holders immediately if it spots irregularly frequent transactions involving small amounts, especially with overseas businesses.
• The customer will be notified of all transactions via different channels, including mobile banking, email and SMS.
• Debit cardholders affected by scams will be refunded within five working days, while credit cardholders will not have to pay either the amount or interest incurred by irregular transactions.
• The central bank and TBA will encourage credit and debit card issuers like Visa and Mastercard to apply additional verification tools such as OTP every time a card is used, especially if it is used online.
The statement said people who spot irregular transactions can have their cards suspended or credit line changed via the card issuer’s smartphone application or by contacting the call centre.
Related stories:
It also advised people to check their transactions regularly and be careful when registering their debit cards on risky platforms such as online games or websites that do not require verification.
"BOT and financial institutions will next coordinate with related agencies to boost efficiency in tracking irregular transactions," the statement added.